Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Startup subsystem missed permission validation in param service. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.
Vulnerability Description
OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
OpenHarmony 安全漏洞
Vulnerability Description
OpenHarmony是中国OpenAtom Foundation基金会的一种鸿蒙操作系统的开源项目。 OpenHarmony v3.1.2及以前版本存在安全漏洞,该漏洞源于其启动子系统的parameter服务中缺少合理的权限验证导致安装在设备上的恶意应用程序可以将其权限提升到根用户,禁用安全功能,或通过禁用特定服务导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A